Is there a way to block a user during X hours after 6 failed login attempts?.
Also, it would be useful to index this event (User XXXX blocked).
Is there a way to block a user during X hours after 6 failed login attempts?.
Also, it would be useful to index this event (User XXXX blocked).
@xexer49142 There is a section in config.yml file:
auth_failure_listeners:
ip_rate_limiting:
type: ip
allowed_tries: 3
time_window_seconds: 3600
block_expiry_seconds: 600
max_blocked_clients: 100000
max_tracked_clients: 100000
internal_authentication_backend_limiting:
type: username
authentication_backend: internal
allowed_tries: 3
time_window_seconds: 3600
block_expiry_seconds: 600
max_blocked_clients: 100000
max_tracked_clients: 100000
You can block per username or per IP.
Hope this helps